CVE-2013-4713

I-O DATA DEVICE RockDisk <1.05e1-2.0.5 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

References (3)

[Third Party Advisory] http://jvn.jp/en/jp/JVN74608669/index.html

[Third Party Advisory] http://jvndb.jvn.jp/jvndb/JVNDB-2013-000096

[Patch] http://www.ioplaza.jp/shop/contents/rdiskmanual.aspx

Scores

EPSS 0.0018

EPSS Percentile 39.2%

Details

CWE

CWE-79

Status published

Products (13)

iodata/rockdisk_firmware < 1.05c-2.0.3

iodata/rockdisk_firmware

... and 3 more

Published Nov 01, 2013

Tracked Since Feb 18, 2026